Detections
Analytics

CVE-2005-0567

critical

Description

Multiple PHP remote file inclusion vulnerabilities in phpMyAdmin 2.6.1 allow remote attackers to execute arbitrary PHP code by modifying the (1) theme parameter to phpmyadmin.css.php or (2) cfg[Server][extension] parameter to database_interface.lib.php to reference a URL on a remote web server that contains the code.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/19465

http://www.securityfocus.com/bid/12645

http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-1

http://sourceforge.net/tracker/index.php?func=detail&aid=1149381&group_id=23067&atid=377408

http://secunia.com/advisories/14382/

http://marc.info/?l=bugtraq&m=110929725801154&w=2

Details

Source: Mitre, NVD

Published: 2005-05-02

Updated: 2017-07-11

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical